-3

Here is a simple C++ code:

#include <cstring>
using namespace std;

int main(int argc, _TCHAR* argv[])
{
    char str[80];
    cout << "輸入字串:";
    gets(str);
    cout << "輸入的字串:" << str << endl;
    return 0;
}

When compiling it, I get the following error:

"错误1 error C4996: 'gets': This function or variable may be unsafe.

Consider using gets_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS. See online help for details."

Holt
  • 36,600
  • 7
  • 92
  • 139
march_seven
  • 691
  • 1
  • 7
  • 13
  • 1
    It means that "gets" may be unsafe and you should consider using gets_s instead. Or you can define _CRT_SECURE_NO_WARNINGS to disable the warning. You can find more details somewhere in the online help, probably by searching for "C4996" or "gets". – user253751 Jun 28 '16 at 05:55
  • when i using gets_s() function instead of gets(). it is OK! – march_seven Jun 28 '16 at 06:00
  • `gets` is so dangerous that it has been deprecated both in C and in C++ – Basile Starynkevitch Jun 28 '16 at 06:02
  • What is it that makes `gets()` dangerous anyway? – Darkrifts Jun 28 '16 at 06:04
  • `gets()` is dangerous because there's no way to protect against a buffer overflow. – Michael Burr Jun 28 '16 at 06:07
  • 1
    As a courtesy to readers, it would be much better to put messages in English in sample code inside questions on SO. – Basile Starynkevitch Jun 28 '16 at 06:13
  • Possible duplicate of [How to use use \_CRT\_SECURE\_NO\_WARNINGS](http://stackoverflow.com/questions/22450423/how-to-use-use-crt-secure-no-warnings) – phuclv Jun 28 '16 at 06:39
  • 2
    @Darkrifts [Why is the gets function so dangerous that it should not be used?](http://stackoverflow.com/q/1694036/995714) – phuclv Jun 28 '16 at 06:40
  • 1) try to google error code before you pose your question. 2) please code in english, this can help people who try to help you. 3) In your question, you should give the infos below: a) what you have done; b) what you don't understand; If you just pose a question and ask why but you didn't even try yourself, people will downvote. In this question, we hope see something like: "I have google error C4996 but I don't understand ..." – Yves Jun 28 '16 at 08:14
  • @Yves thanks for your advice, and always sorry my poor English! 1)it is hard for Google in China and Baidu always tell me something without work. and follow Michael Burr point I have read the book C programing Language, gets() is dangerous because there's no way to protect against a buffer overflow – march_seven Sep 13 '17 at 02:06
  • @march_seven When you want to pose a question here, you must make sure that you have tried your best. A question like this is telling us that you just get an error then you pose a question here but you've never tried to solve it by yourself. This is why you get three down-votes. Even Baidu can tell you lots of stuff: http://blog.csdn.net/u013409439/article/details/46911765 – Yves Sep 13 '17 at 02:40
  • 如果你是刚学c语言,而且你的英语不太好的话,百度是够用的。我的经验是:csdn的论坛不太好用,提问题经常没人回答,但是csdn的博文是不错的,现在还有博客园,这个也很好。提问的话,找c语言的qq群,还有百度贴吧的c语言吧,都有大量的人在上面讨论问题。反正不管你在哪里,一定更要避免“遇到问题立刻找别人问”,一定要有自己思考的过程(在stackoverflow上提问就必须要把自己思考的过程体现在问题里否则会给你downvote),否则你永远学不会编程。一般你只要把编译器的报错信息直接百度搜索一下,大部分问题还是可以找到的。 – Yves Sep 13 '17 at 02:44
  • @Yves 好的 感谢你的建议. – march_seven Sep 14 '17 at 00:52

2 Answers2

4

In genuine C++11 or C++14 the correct way to read an entire line is std::getline or std::basic_istream::getline.

Also, you'll better flush the output before reading an input; remember that C++ and C standard IO functions are buffering.

The old C89 gets function is deprecated since a long time (probably more than ten years), and now forbidden because it is so dangerous (can't avoid a buffer overflow). So please forget it (in C99 or C11, use fgets instead, on POSIX with C99 or C11, use getline; in C++11 or C++14 use as I said std::getline or std::basic_istream::getline).

Your main's body should be:

string str;
cout << "輸入字串:" << flush;
getline(cin,str);
cout << "輸入的字串:" << str << endl;
return 0;

The advantage of using a std::string is that your user could input an arbitrarily long line (up to implementation limits, perhaps million of characters).

If you are coding on a POSIX system like MacOSX or Linux, you could use the GNU readline library and function (see also ncurses) when reading on a terminal. The big advantage is that your user is given editing ability (and completion) when typing his line.

PS. General hint when programming: read the documentation of every function that you are using before coding.

Basile Starynkevitch
  • 223,805
  • 18
  • 296
  • 547
1

It means that you should use gets_s() instead of gets() The compiler usually knows what's best for the program and what shouldn't be allowed.

Darkrifts
  • 211
  • 2
  • 11